General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Anti-virus and "Server response inspection"

I have been disabling "server response inspection" by default in all my policies as it is documented in a number of places (including independent group tests) that this improves the overall firewall performance, and I was under the impression that SRI was only useful in certain data-centre environments that do not apply to us.However while testi...

Slow commit

Hi,I'm running the latest firmware from PAN on a PA-500. Not long ago the commit was pretty fast, like 1 minute or so.I haven't done any major changes, but i've noticed the commit has become gradually slower as time passes. Now its really slow!Can someone tell me the reason for this, and a way to fix it?I will get the 5020 box very soon, but i...

johnd by L2 Linker
  • 3448 Views
  • 3 replies
  • 0 Likes

Resolved! Cannot update software since upgrading to 4.1

Hello all,I recently upgraded to the 4.1 OS from 4.0.1. The firewall settings are fine but for some reason whenever the firewall tries to download any new software like 4.1.1, GlobalProtect, Dynamic Updates it keeps getting the error "Failed due to network failure".I have checked and made sure that the Managment Interface is not being blocked by...

devere by L2 Linker
  • 11240 Views
  • 13 replies
  • 0 Likes

Resolved! SSL-VPN usage report

I'm probably overlooking something obvious.. but I can't seem to find a way to generate a login / session report of SSL-VPN users. Can anyone give a brother a hint?

nwallette by Not applicable
  • 5318 Views
  • 4 replies
  • 0 Likes

Console Cable Scrolling

I am having issues with console cable connectivity and scrolling when working in a box. Basically the short of it is, no matter what console program I use, albeit putty; I get about 40 lines shown, and when I go to view more it overwrites the bottom 20 to 30 and only leaves so much up top. Wierd thing on putty is... If you log into the box an...

mcole by Not applicable
  • 3393 Views
  • 2 replies
  • 0 Likes

Resolved! user-id agent connection issues

Hi,We are trying to connect our PAN 2050 OS 4.0.9 to a couple of user-id agent version 4.1.3. The connection is not established and the agent logs reports:Device thread 1 SSL no certificateDevice thread 1 reply ver 5 msg with max ver 5, msg type 6Failed to read message msg header. error -1Device thread 1 SSL shutdownThe PAN "show user userid-age...

ajripa by Not applicable
  • 4249 Views
  • 1 replies
  • 0 Likes

Odd App ID

So, interesting thing. We use a PA-500 for our enterprise guest networks. We currently have a couple rules that go like this:1. Allow guest networks to use Skype / Skrype-Probe2. Block guest networks from using Risk 4 and 5 P2P (this catches stuff like Bittorrent, etc.)We just got an email that someone on our guest network is torrenting. L...

mrsold by Not applicable
  • 3478 Views
  • 3 replies
  • 0 Likes

Resolved! JS/Trojan.redirector.cay false postive?

Hello,Starting from what appears to be right after pattern update 683-936 was committed - we began receiving a very substantial amount of alerts from multiple internal "victims" for this Trojan. I am still investigating this internally. Has anyone else had a large amount of activity on this signature starting recently? Looking to verify if thi...

MGoodnow by L4 Transporter
  • 9924 Views
  • 9 replies
  • 0 Likes

Customize url report

Hi everyone, I use PAN-OS 3.1.6, I want to customize url report by filter some website don't show in my customize url report. I try use filter by url and operation is "!=" but it doesn't work. How I do it ?

Captive portal authentication with Radius/AD

Hello I try PAN-OS 4.1.3, I use captive portal authentication with Radius/AD. I config user in WiFi zone access to any zone must authentication with captive portal. It work normally. But I try set Proxy server and user in WiFi Zone config Proxy IP into Internet Option. After that the user in WiFi zone can't access to any web becasue of the b...

Drop DSCP marked traffic

Hi, I am looking for a way to define a DSCP value as a condition for a rule. I would like to drop traffic that was previously marked before entering the PAN FW. Any ideas?Thanks!

Prevent virus with Data Patterns

We are receiving some spam e-mails that containing links to zipped exe files with malicious code.All the exe files have in common a series of underscore characters, for example: fattura.pdf_________________.exe or informazioni.pdf____________________.exe We send to Palo Alto Support the exe file for the threat identification by Wildfire, but cur...

finit by L1 Bithead
  • 7180 Views
  • 9 replies
  • 0 Likes
  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels